package com.lengmomo.games.config;

import cn.hutool.core.codec.Base64;
import com.lengmomo.games.shiro.UserRealm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

//import org.apache.shiro.codec.Base64;

/**
 * 安全框架
 *
 * @author: lengmomo
 * @create: 2021/8/26
 * <p>
 * Subject : 主体
 * SecurityManager ： 安全管理器
 * Realm ： Shiro链接数据的桥梁
 **/

@Configuration
public class ShiroConfig {

    /**
     * 创建ShiroFilterFactoryBean
     */
    @Bean(name = "shiroFilterFactoryBean")
    public ShiroFilterFactoryBean getShiroFilterFactoryBean() {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(getDefaultWebSecurityManager());

        //设置过滤器 可以实现一些相关拦截
        /***
         * anon:无需认证（登录）可以访问
         * authc:必须认证才可以访问
         * user:使用rememberMe功能才可以访问
         * perms:该资源必须得到资源权限才可以访问
         * role:必须得到角色权限才可以访问
         */
        Map<String, String> map = new LinkedHashMap<>();
        map.put("/chess/**", "anon");
        map.put("/static/**", "anon");
        map.put("/CWS/**","anon");
        map.put("/JWS/**","anon");
        map.put("/**", "authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);

        shiroFilterFactoryBean.setLoginUrl("/login");//没有认证跳转登录页

        return shiroFilterFactoryBean;
    }

    /**
     * 记住我cookie配置
     *
     * @return
     */
    @Bean
    public SimpleCookie rememberMeCookie() {
        //这个参数是cookie的名称，对应前端的checkbox的name = rememberMe
        SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
        //<!-- 记住我cookie生效时间30天 ,单位秒;-->
        simpleCookie.setMaxAge(259200);
        simpleCookie.setHttpOnly(false);
        return simpleCookie;
    }

    /**
     * 缓存管理器
     *
     * @return
     */
    @Bean
    public CookieRememberMeManager rememberMeManager() {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        //rememberMe cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度(128 256 512 位)
        cookieRememberMeManager.setCipherKey(Base64.decode("2AvVhdsgUs0FSA3SDFAdag=="));
        return cookieRememberMeManager;
    }

    /**
     * 创建DefaultWebSecurityManager
     */
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager() {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        //关联realm
        defaultWebSecurityManager.setRealm(getUserRealm());
        return defaultWebSecurityManager;
    }

    /***
     * 创建realm
     * @return
     */
    @Bean
    public UserRealm getUserRealm() {
        return new UserRealm();//realm中可以存放认证逻辑和授权逻辑
    }
}
